CVE-2016-3828

Name of the Vulnerable Software and Affected Versions Android versions prior to 2016-08-01

Description The issue is related to the handling of invalid PPS and SPS NAL units in the decoder/ih264d api.c file within the mediaserver of Android. This can be exploited by remote attackers to cause a denial of service, resulting in a device hang or reboot, by using a crafted media file.

Recommendations For Android versions prior to 2016-08-01, update the operating system to a version released after 2016-08-01 to resolve the issue. As a temporary workaround, consider avoiding the use of media files from untrusted sources to minimize the risk of exploitation.